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~ The MAILING DATE of this communication appears on the cover sheet with the correspondence address- 

All claims being allowable, PROSECUTION ON THE MERITS IS (OR REMAINS) CLOSED in this application. If not included 
herewith (or previously mailed), a Notice of Allowance (PTOL-85) or other appropriate communication will be mailed in due course. THIS 
NOTICE OF ALLOWABILITY IS NOT A GRANT OF PATENT RIGHTS. This application is subject to withdrawal from issue at the initiative 
of the Office or upon petition by the applicant. See 37 CFR 1.313 and MPEP 1 308. 

1 . K| This communication is responsive to Final Rejection mailed on March 2, 2009 . 

2. The allowed claim(s) is/are 1,2,6,7,11 and 12 . 

3. □ Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 119(a)-(d) or (f). 

a) DAN b)DSome* c) □ None of the: 

1. D Certified copies of the priority documents have been received. 

2. Q Certified copies of the priority documents have been received in Application No. . 

3. O Copies of the certified copies of the priority documents have been received in this national stage application from the 

International Bureau (PCT Rule 17.2(a)). 
* Certified copies not received: . 

Applicant has THREE MONTHS FROM THE "MAILING DATE" of this communication to file a reply complying with the requirements 
noted below. Failure to timely comply will result in ABANDONMENT of this application. 
THIS THREE-MONTH PERIOD IS NOT EXTENDABLE. 

4. □ A SUBSTITUTE OATH OR DECLARATION must be submitted. Note the attached EXAMINER'S AMENDMENT or NOTICE OF 

INFORMAL PATENT APPLICATION (PTO-152) which gives reason(s) why the oath or declaration is deficient. 

5. □ CORRECTED DRAWINGS ( as "replacement sheets") must be submitted. 

(a) □ including changes required by the Notice of Draftsperson's Patent Drawing Review ( PTO-948) attached 

1) □ hereto or 2) □ to Paper No./Mail Date . 

(b) □ including changes required by the attached Examiner's Amendment / Comment or in the Office action of 

Paper No./Mail Date . 

Identifying indicia such as the application number (see 37 CFR 1.84(c)) should be written on the drawings in the front (not the back) of 
each sheet. Replacement sheet(s) should be labeled as such in the header according to 37 CFR 1.121(d). 

6. □ DEPOSIT OF and/or INFORMATION about the deposit of BIOLOGICAL MATERIAL must be submitted. Note the 

attached Examiner's comment regarding REQUIREMENT FOR THE DEPOSIT OF BIOLOGICAL MATERIAL. 



Attachment(s) 

1 . M Notice of References Cited (PTO-892) 

2. □ Notice of Draftperson's Patent Drawing Review (PTO-948) 

3. □ Information Disclosure Statements (PTO/SB/08), 

Paper No./Mail Date 

4. □ Examiner's Comment Regarding Requirement for Deposit 

of Biological Material 



5. Q Notice of Informal Patent Application 

6. □ Interview Summary (PTO-413), 

Paper No./Mail Date . 

7. £3 Examiner's Amendment/Comment 

8. £3 Examiner's Statement of Reasons for Allowance 

9. □ Other . 
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Examiner's Amendment 

1 . Claims 1-2, 6-7, 11-12 are pending. 

2. An examiner's amendment to the record appears below. Should the changes and/or additions be 
unacceptable to applicant, an amendment may be filed as provided by 37 C.F.R. §1.312. To ensure 
consideration of such an amendment, it MUST be submitted no later than the payment of the issue fee. 

3. Authorization for this Examiner's amendment was given in a telephone interview with Stephen 
Walder on May 28, 2009. 

4. The application has been amended as follows: 

1. (Currently amended) A method, in an information handling system comprising a processor and a 
storage device, for improving the handling of personally identifiable information, said method comprising: 

generating, in the information handling system, an object model for representing relationships 
between active entities with regard to handling of personally identifiable information, wherein the active 
entities comprise a data subject, represented as a data subject object in the object model, and at least 
one data user, represented as at least one data user object in the object model, and wherein the data 
subject is an active entity that is identified by the personally identifiable information and the at least one 
data user is an active entity that uses the personally identifiable information obtained from the data 
subject; 

identifying, by the information handling system, parties involved in a process of handling 
personally identifiable information based on the object model, wherein the parties comprise the data 
subject and the at least one data user; 

identifying, by the information handling system, data involved in said process from a data model; 

classifying, by the information handling system, the data as personally identifiable information or 
non-personally identifiable information; 

expressing, by the information handling system, based on the object model, each relationship 
between each pair of said parties in terms of a privacy agreement, wherein the privacy agreement for 
each relationship between each pair of parties is a subset of a natural language privacy policy set, the 
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subset being defined as specific to a particular situation or purpose and specific to the particular parties in 
the pair of parties; and 

representing, by the information handling system, said parties, said data, and said privacy 
agreements graphically as objects and associations between objects in one or more privacy agreement 
relationship diagrams; 

reducing privacy-related risks involved in said process based on the one or more privacy 
agreement relationship diagrams; and 

transforming data into a less sensitive form based on the one or more privacy agreement 
relationship diagrams, wherein the less sensitive form is one of a de-personalized form in which 
transformed data does not contain personally identifiable information that identifies the data subject but is 
able to be associated with the data subject using other data having personally identifiable information, or 
an anonymous form in which transformed data does not contain personally identifiable information that 
identifiers the data subject and is not able to be associated with the data subject , wherein: 

each privacy agreement uses a limited number of privacy-related actions concerning said 
personally identifiable information; and 

said privacy agreement expresses privacy rules regarding said privacy-related actions, for each 
party in a pair of parties with which the privacy agreement is associated. 

2. (Previously presented) The method of Claim 1, further comprising mapping a business process 
to privacy rules of one or more privacy agreements for each pair of parties. 

3-5. (Canceled) 

6. (Currently amended) A system for improving the handling of personally identifiable information, 
said system comprising: 
a processor; and 
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a memory coupled to the processor, wherein the memory comprises instructions which, when 
executed by the processor, cause the processor to: 

generate an object model for representing relationships between active entities with regard to 
handling of personally identifiable information, wherein the active entities comprise a data subject, 
represented as a data subject object in the object model, and at least one data user, represented as at 
least one data user object in the object model, and wherein the data subject is an active entity that is 
identified by the personally identifiable information and the at least one data user is an active entity that 
uses the personally identifiable information obtained from the data subject; 

identify parties involved in a process of handling personally identifiable information based on the 
object model, wherein the parties comprise the data subject and the at least one data user; 

identify data involved in said process from a data model; 

classify the data as personally identifiable information or non-personally identifiable information; 

express, based on the object model, each relationship between each pair of said parties in terms 
of a privacy agreement, wherein the privacy agreement for each relationship between each pair of parties 
is a subset of a natural language privacy policy set, the subset being defined as specific to a particular 
situation or purpose and specific to the particular parties in the pair of parties; [[and]] 

represent said parties, said data, and said privacy agreements graphically as objects and 
associations between objects in one or more privacy agreement relationship diagrams; 

reduce privacy-related risks involved in said process based on the one or more privacy 
agreement relationship diagrams; and 

transform data into a less sensitive form based on the one or more privacy agreement 
relationship diagrams, wherein the less sensitive form is one of a de-personalized form in which 
transformed data does not contain personally identifiable information that identifies the data subject but is 
able to be associated with the data subject using other data having personally identifiable information, or 
an anonymous form in which transformed data does not contain personally identifiable information that 
identifiers the data subject and is not able to be associated with the data subject , wherein: 
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each privacy agreement uses a limited number of privacy-related actions concerning said 
personally identifiable information; and 

said privacy agreement expresses privacy rules regarding said privacy-related actions, for each 
party in a pair of parties with which the privacy agreement is associated. 

7. (Previously presented) The system of Claim 6, wherein the instructions further cause the 
processor to map a business process to privacy rules of one or more privacy agreements for each pair of 
parties. 

8-10. (Canceled) 

11. (Currently amended) A computer-usable medium having computer-executable instructions for 
improving the handling of personally identifiable information, said computer-executable instructions, when 
executed by a computing device, cause the computing device to: 

generate an object model for representing relationships between active entities with regard to 
handling of personally identifiable information, wherein the active entities comprise a data subject, 
represented as a data subject object in the object model, and at least one data user, represented as at 
least one data user object in the object model, and wherein the data subject is an active entity that is 
identified by the personally identifiable information and the at least one data user is an active entity that 
uses the personally identifiable information obtained from the data subject; 

identify parties involved in a process of handling personally identifiable information based on the 
object model, wherein the parties comprise the data subject and the at least one data user; 

identify data involved in said process from a data model; 

classify the data as personally identifiable information or non-personally identifiable information; 
express, based on the object model, each relationship between each pair of said parties in terms 
of a privacy agreement, wherein the privacy agreement for each relationship between each pair of parties 



Application/Control Number: 09/884,296 Page 6 

Art Unit: 3621 

is a subset of a natural language privacy policy set, the subset being defined as specific to a particular 
situation or purpose and specific to the particular parties in the pair of parties; and 

represent said parties, said data, and said privacy agreements graphically as objects and 
associations between objects in one or more privacy agreement relationship diagrams; 

reduce privacy-related risks involved in said process based on the one or more privacy 
agreement relationship diagrams; and 

transform data into a less sensitive form based on the one or more privacy agreement 
relationship diagrams, wherein the less sensitive form is one of a de-personalized form in which 
transformed data does not contain personally identifiable information that identifies the data subject but is 
able to be associated with the data subject using other data having personally identifiable information, or 
an anonymous form in which transformed data does not contain personally identifiable information that 
identifiers the data subject and is not able to be associated with the data subject , wherein: 

each privacy agreement uses a limited number of privacy-related actions concerning said 
personally identifiable information; and 

said privacy agreement expresses privacy rules regarding said privacy-related actions, for each 
party in a pair of parties with which the privacy agreement is associated. 

12. (Previously presented) The computer-useable medium of Claim 11, wherein the instructions 
further cause the computing device to map a business process to privacy rules of one or more privacy 
agreements for each pair of parties. 

13-20. (Canceled) 

Reasons for Allowance 

5. Regarding the claimed terms, Examiner notes that a "general term must be understood in the 
context in which the inventor presents it." In re Glaug, 283 F.3d 1335, 1340, 62 USPQ2d 1151, 1154 
(Fed. Cir. 2002). Therefore, Examiner must interpret the claimed terms as found on pages 1-25 of the 
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specification. Clearly almost all the general terms in the claims may have multiple meanings. So where a 
claim term "is susceptible to various meanings... the inventor's lexicography must prevail." Id. An 
exception to this rule is where "means for" language is used. Using these definitions for the claims, the 
claimed invention was not reasonably found in the prior art. 

6. The closest prior art of record is Coffey et al. (US 6,636,858) and Ginter et al. (US 5,892,900). 

7. The prior art of record discloses a conventional system and method for formatting, associating, 
organizing, and retrieving data; enabling the accumulation and integration of unforeseen data, entities, 
and relationships into a database. 

8. The prior art of record, however, does not teach at least these elements of claims 1 , 6, and 1 1 : 

a. Reducing privacy-related risks... diagrams; 

b. Transforming data into a less sensitive form... subject. 

9. Yet even if the missing claimed elements were found in a reasonable number of references, a 
person of ordinary skill in the art at the time the invention was made would not have been motivated to 
include these missing elements in an embodiment of the prior art disclosures because traditionally a 
database system that shows relationships between entities does not reduce privacy-related risks based 
on the relationship diagram and transform the data into a less sensitive form such as de-personalized or 
anonymous forms. 

10. Examiner finds that "reducing privacy-related risks involved in said process based on the one or 
more privacy agreement relationship diagrams" is inherently present in Applicant's original disclosure 
because said disclosure provides support for 1) "identifying opportunities to reduce privacy-related risks 
involved in said process"; and 2) transformation of data into a less sensitive form (see claim 3 filed June 
19, 2001 and specification p 24). Identifying opportunities to reduce privacy-related risks and then 
transforming data based on those opportunities, inherently discloses reducing privacy-related risks 
because the data is transformed into a less sensitive form. 

11. Any comments considered necessary by Applicant must be submitted no later than the payment 
of the issue fee and, to avoid processing delays, should preferably accompany the issue fee. Such 
submissions should be clearly labeled "Comments on Statement of Reasons for Allowance." 



Application/Control Number: 09/884,296 Page 8 

Art Unit: 3621 

Conclusion 

12. Any inquiry of a general nature or relating to the status of this application or concerning this 
communication or earlier communications from the Examiner should be directed to Chrystina 
Zelaskiewicz whose telephone number is 571.270.3940. The Examiner can normally be reached on 
Monday-Friday, 9:30am-5:00pm. If attempts to reach the examiner by telephone are unsuccessful, the 
Examiner's supervisor, Andrew Fischer can be reached at 571.272.6779. 

13. Information regarding the status of an application may be obtained from the Patent Application 
Information Retrieval (PAIR) system. Status information for published applications may be obtained from 
either Private PAIR or Public PAIR. Status information for unpublished applications is available through 
Private PAIR only. For more information about the PAIR system, see 
http://portal.uspto.gov/external/portal/pair <http://pair-direct.uspto.gov>. Should you have questions on 
access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866.217.9197 (toll- 
free). 

/Chrystina Zelaskiewicz/ 
Examiner, Art Unit 3621 
May 28, 2009 



/ANDREW J. FISCHER/ 

Supervisory Patent Examiner, Art Unit 3621 



